Résultats d'analyse de  Farbar Recovery Scan Tool (FRST) (x64) Version:12-10-2015
Exécuté par Romain (administrateur) sur POLIVEAU (13-10-2015 22:19:48)
Exécuté depuis C:\Users\Romain\Downloads
Profils chargés: Romain (Profils disponibles: Romain)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [SoundMAX] => C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe [3866624 2009-10-02] (Analog Devices, Inc.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [438784 2010-12-17] ()
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [SoundMAXPnP] => C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1314816 2009-08-03] (Analog Devices, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HP KEYBOARDx] => C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE [710656 2010-02-11] (Hewlett-Packard)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2010-01-25] (EasyBits Software AS)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288080 2009-07-17] (Microsoft Corporation)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2010-12-09] (Nullsoft, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-164933824-2424214792-3371718756-1000\...\Run: [HPAdvisorDock] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [1715768 2010-09-28] (Hewlett-Packard)
HKU\S-1-5-21-164933824-2424214792-3371718756-1000\...\Run: [MobileDocuments] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
HKU\S-1-5-21-164933824-2424214792-3371718756-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-164933824-2424214792-3371718756-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-164933824-2424214792-3371718756-1000\...\Run: [com.apple.dav.bookmarks.daemon] => C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
HKU\S-1-5-21-164933824-2424214792-3371718756-1000\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1080104 2014-08-04] (Apple Inc.)
HKU\S-1-5-21-164933824-2424214792-3371718756-1000\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [399736 2015-03-16] (BitTorrent, Inc.)
HKU\S-1-5-21-164933824-2424214792-3371718756-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-164933824-2424214792-3371718756-1000\...\Policies\system: [DisableChangePassword] 0
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2010-07-15] (EasyBits Software Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PC Sync.lnk [2011-07-05]
ShortcutTarget: PC Sync.lnk -> C:\Program Files (x86)\PC Sync\Voxsync.exe (Voxmobili)
Startup: C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk [2010-12-26]
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 212.27.40.240 212.27.40.241
Tcpip\..\Interfaces\{61E03B6A-A940-4A54-ABCE-5FC2239A407F}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{61E03B6A-A940-4A54-ABCE-5FC2239A407F}: [DhcpNameServer] 212.27.40.240 212.27.40.241
Tcpip\..\Interfaces\{A717FB23-7FD7-4148-9DC4-08A7FB96D79D}: [NameServer] 178.32.122.65,37.187.0.40
Tcpip\..\Interfaces\{A717FB23-7FD7-4148-9DC4-08A7FB96D79D}: [DhcpNameServer] 212.27.40.240 212.27.40.241

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {2F3543B1-E9CE-43A5-83A4-0AA9026951A0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope la valeur est absente
SearchScopes: HKLM-x32 -> {2F3543B1-E9CE-43A5-83A4-0AA9026951A0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-164933824-2424214792-3371718756-1000 -> DefaultScope {7D4A46B0-5CA9-4852-8185-D69B6A7632B1} URL = hxxp://www.google.com/search?hl=en&q={searchTerms}
SearchScopes: HKU\S-1-5-21-164933824-2424214792-3371718756-1000 -> {2F3543B1-E9CE-43A5-83A4-0AA9026951A0} URL = 
SearchScopes: HKU\S-1-5-21-164933824-2424214792-3371718756-1000 -> {7D4A46B0-5CA9-4852-8185-D69B6A7632B1} URL = hxxp://www.google.com/search?hl=en&q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08] (DivX, LLC)
BHO-x32: DivX HiQ -> {593DDEC6-7468-4cdd-90E1-42DADAA222E9} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08] (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-03-01] (Oracle Corporation)
BHO-x32: Programme d'aide de l'Assistant de connexion Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-03-01] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

FireFox:
========
FF ProfilePath: C:\Users\Romain\AppData\Roaming\Mozilla\Firefox\Profiles\tomcvoa9.default
FF Session Restore: -> est activé.
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-21] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 -> c:\Program Files (x86)\Virtual Earth 3D\ [Pas de fichier]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-21] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-01-24] (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-03-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-03-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-09-22] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-09-22] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-09-22] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-09-22] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-09-22] (Apple Inc.)
FF SearchPlugin: C:\Users\Romain\AppData\Roaming\Mozilla\Firefox\Profiles\tomcvoa9.default\searchplugins\Search Provided by Yahoo.xml [2015-10-12]
FF Extension: WOT - C:\Users\Romain\AppData\Roaming\Mozilla\Firefox\Profiles\tomcvoa9.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-30]
FF Extension: SaveFrom.net - helper - C:\Users\Romain\AppData\Roaming\Mozilla\Firefox\Profiles\tomcvoa9.default\Extensions\helper-sig@savefrom.net.xpi [2015-10-11]
FF Extension: Personas Plus - C:\Users\Romain\AppData\Roaming\Mozilla\Firefox\Profiles\tomcvoa9.default\Extensions\personas@christopher.beard.xpi [2011-05-14]
FF Extension: Flagfox - C:\Users\Romain\AppData\Roaming\Mozilla\Firefox\Profiles\tomcvoa9.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2014-03-12]
FF Extension: Adblock Plus - C:\Users\Romain\AppData\Roaming\Mozilla\Firefox\Profiles\tomcvoa9.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-05-14]
FF Extension: High Stairs - C:\Users\Romain\AppData\Roaming\Mozilla\Firefox\Profiles\tomcvoa9.default\Extensions\{e50734d7-2d31-4fac-884e-090d45a071a4}.xpi [2015-10-12]
FF Extension: Sonic Train - C:\Users\Romain\AppData\Roaming\Mozilla\Firefox\Profiles\tomcvoa9.default\Extensions\{f993291f-c7ef-465f-a2b1-a9913a49526b}.xpi [2015-10-11]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-04-24]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011-04-27]
FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011-04-27]
FF HKU\S-1-5-21-164933824-2424214792-3371718756-1000\...\Firefox\Extensions: [{02bd39bc-3f40-46d7-b223-76965154570c}] - C:\Program Files (x86)\DealsCompare\150.xpi => non trouvé(e)

Chrome: 
=======
CHR Profile: C:\Users\Romain\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (DivX HiQ) - C:\Users\Romain\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae [2015-10-13]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Romain\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-13]
CHR Extension: (<video> HTML5 DivX Plus Web Player) - C:\Users\Romain\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2015-10-13]
CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2011-02-08]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2011-02-08]

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AEADIFilters; C:\Windows\system32\AEADISRV.EXE [111616 2008-07-15] (Andrea Electronics Corporation)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [202752 2010-02-03] (AMD) [Fichier non signé]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-01-25] (EasyBits Software AS) [Fichier non signé]
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-01-22] (Hewlett-Packard Company) [Fichier non signé]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 ACPIService; C:\Windows\System32\DRIVERS\OSDACPI.SYS [17992 2009-06-18] ()
S3 amdkmdag; C:\Windows\System32\DRIVERS\atipmdag.sys [6366720 2010-02-03] (ATI Technologies Inc.) [Fichier non signé]
S3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [186880 2010-02-03] (Advanced Micro Devices, Inc.) [Fichier non signé]
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 NW1950; C:\Windows\System32\DRIVERS\NW1950.sys [25080 2009-09-17] ()
S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0; \??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2015-10-13 22:02 - 2015-10-13 22:02 - 00035610 _____ C:\Users\Romain\Downloads\FRST2.txt
2015-10-13 22:00 - 2015-10-13 22:03 - 00081043 _____ C:\Users\Romain\Downloads\Addition.txt
2015-10-13 21:59 - 2015-10-13 22:19 - 00021309 _____ C:\Users\Romain\Downloads\FRST.txt
2015-10-13 21:58 - 2015-10-13 22:19 - 00000000 ____D C:\FRST
2015-10-13 21:58 - 2015-10-13 21:58 - 02196480 _____ (Farbar) C:\Users\Romain\Downloads\FRST64.exe
2015-10-13 20:07 - 2015-10-13 20:07 - 00002255 _____ C:\Users\Romain\Desktop\Google Chrome.lnk
2015-10-13 20:07 - 2015-10-13 20:07 - 00000000 ____D C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-10-13 19:20 - 2015-10-13 19:20 - 00001266 _____ C:\Users\Romain\Desktop\Revo Uninstaller.lnk
2015-10-13 19:20 - 2015-10-13 19:20 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-10-13 19:19 - 2015-10-13 19:19 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Romain\Downloads\revosetup.exe
2015-10-13 19:16 - 2015-10-13 19:48 - 00048134 _____ C:\Windows\PFRO.log
2015-10-13 19:16 - 2015-10-13 19:48 - 00000112 _____ C:\Windows\setupact.log
2015-10-13 19:16 - 2015-10-13 19:16 - 00000000 _____ C:\Windows\setuperr.log
2015-10-13 19:13 - 2015-10-13 19:47 - 00000000 ____D C:\AdwCleaner
2015-10-13 19:12 - 2015-10-13 19:13 - 01682432 _____ C:\Users\Romain\Desktop\adwcleaner_5.013.exe
2015-10-13 19:11 - 2015-10-13 19:11 - 00772016 _____ (Reimage®) C:\Users\Romain\Downloads\Non confirmé 207666.crdownload
2015-10-13 18:25 - 2015-10-13 18:25 - 00016840 _____ C:\Windows\SysWOW64\CCCInstall_201510131825411635.log
2015-10-12 23:27 - 2015-10-12 23:46 - 00000000 ____D C:\ProgramData\Nero
2015-10-12 23:22 - 2015-10-12 23:22 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-12 23:13 - 2015-10-12 23:39 - 00000000 ____D C:\Users\Romain\AppData\Roaming\Nero
2015-10-12 22:56 - 2015-10-12 22:57 - 00000000 ____D C:\Users\Romain\AppData\Local\tiso
2015-10-12 22:56 - 2015-10-12 22:56 - 00000000 ____D C:\Program Files (x86)\Opera
2015-10-12 22:55 - 2015-10-12 22:55 - 00874213 _____ C:\Users\Romain\Downloads\installer.zip
2015-10-11 18:52 - 2015-10-11 19:10 - 284453230 _____ C:\Users\Romain\Downloads\Simone Veil une loi au nom des femmes (2010)-SD.mp4
2015-10-09 23:31 - 2015-10-13 18:16 - 00000000 ____D C:\Users\Romain\Downloads\Borgen S03 Episode 04 DVDRip plus Fichiers Sous-titres Francais
2015-10-09 23:30 - 2015-10-09 23:30 - 00017972 _____ C:\Users\Romain\Downloads\Borgen S03 Episode 04 DVDRip plus Fichiers Sous-titres Francais.1.torrent
2015-10-05 22:26 - 2015-10-05 22:28 - 00000000 ____D C:\Users\Romain\Downloads\La IIIè République
2015-10-05 22:25 - 2015-10-05 22:57 - 969911458 _____ C:\Users\Romain\Downloads\La4emeRep-UneFranceOubliee.niko19.avi
2015-10-05 22:25 - 2015-10-05 22:25 - 00036647 _____ C:\Users\Romain\Downloads\La IIIè République.1.torrent
2015-10-05 22:24 - 2015-10-05 22:24 - 00037327 _____ C:\Users\Romain\Downloads\La4emeRep-UneFranceOubliee.niko19.avi.1.torrent
2015-10-05 22:19 - 2015-10-05 22:19 - 00012015 _____ C:\Users\Romain\Downloads\1989_l'elysee_au_pied_du_mur.torrent
2015-10-05 22:19 - 2015-10-05 22:19 - 00000000 ____D C:\Users\Romain\Downloads\Les.Hommes.De.L.Elysee.DOC.FRENCH.PDTV.x264-ABiTBOL.mp4
2015-10-05 22:17 - 2015-10-05 22:17 - 00011826 _____ C:\Users\Romain\Downloads\Les.Hommes.De.L.Elysee.DOC.FRENCH.PDTV.x264-ABiTBOL.mp4.1.torrent
2015-10-05 22:15 - 2015-10-05 22:28 - 1054646860 _____ C:\Users\Romain\Downloads\Elysee-UnTempsDePresident.TVrip.niko19.avi
2015-10-05 22:15 - 2015-10-05 22:15 - 00040573 _____ C:\Users\Romain\Downloads\Elysee-UnTempsDePresident.TVrip.niko19.avi.1.torrent
2015-10-03 20:50 - 2015-10-03 20:51 - 13155552 _____ (Microsoft Corporation) C:\Users\Romain\Downloads\Silverlight_x64.exe
2015-09-20 14:29 - 2015-09-20 14:29 - 00504317 _____ C:\Users\Romain\Downloads\Certificat médical d'inaptitude à la pratique de l'EPS.jpeg
2015-09-19 03:51 - 2015-09-19 03:51 - 00000000 ____D C:\Users\Romain\AppData\Local\WEB2Print
2015-09-16 22:39 - 2015-09-23 00:02 - 00016574 _____ C:\Users\Romain\Desktop\lettre de démission.odt
2015-09-15 18:52 - 2010-10-07 11:39 - 00000000 ____D C:\Users\Romain\Desktop\__MACOSX

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2015-10-13 22:18 - 2011-01-09 01:13 - 00000000 ____D C:\Users\Romain\AppData\Roaming\uTorrent
2015-10-13 22:08 - 2011-04-27 22:41 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-13 22:06 - 2013-11-08 22:42 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-13 22:03 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-13 22:03 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-13 21:49 - 2013-02-02 13:23 - 01790611 _____ C:\Windows\WindowsUpdate.log
2015-10-13 21:08 - 2011-04-27 22:41 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-13 19:48 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-13 18:51 - 2015-06-26 10:53 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-13 18:48 - 2010-12-26 02:57 - 00000000 ____D C:\Users\Romain\AppData\Roaming\Winamp
2015-10-13 18:43 - 2012-09-14 22:23 - 00000000 ____D C:\Program Files\CCleaner
2015-10-13 18:16 - 2015-07-13 17:27 - 00000000 ____D C:\Users\Romain\Downloads\BORGEN S03E03[TVRIP][VOSTFR]
2015-10-13 18:16 - 2015-04-07 03:01 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-10-13 18:16 - 2015-04-07 03:01 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-13 18:16 - 2010-12-26 03:49 - 00000000 ____D C:\Users\Romain\AppData\Roaming\vlc
2015-10-13 18:16 - 2010-12-26 02:09 - 00000000 ____D C:\Users\Romain
2015-10-13 18:16 - 2010-07-15 21:35 - 00000000 ____D C:\Windows\SysWOW64\fr
2015-10-13 18:16 - 2010-07-15 21:30 - 00000000 ____D C:\Program Files\PlayReady
2015-10-13 18:16 - 2010-07-15 21:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling
2015-10-13 18:16 - 2010-07-15 21:14 - 00000000 ____D C:\Windows\SysWOW64\zh-CHT
2015-10-13 18:16 - 2010-07-15 21:14 - 00000000 ____D C:\Windows\SysWOW64\zh-CHS
2015-10-13 18:16 - 2010-07-15 21:14 - 00000000 ____D C:\Windows\SysWOW64\tr
2015-10-13 18:16 - 2010-07-15 21:14 - 00000000 ____D C:\Windows\SysWOW64\sv
2015-10-13 18:16 - 2010-07-15 21:14 - 00000000 ____D C:\Windows\SysWOW64\sk
2015-10-13 18:16 - 2010-07-15 21:14 - 00000000 ____D C:\Windows\SysWOW64\ru
2015-10-13 18:16 - 2010-07-15 21:14 - 00000000 ____D C:\Windows\SysWOW64\ro
2015-10-13 18:16 - 2010-07-15 21:14 - 00000000 ____D C:\Windows\SysWOW64\pt
2015-10-13 18:16 - 2010-07-15 21:14 - 00000000 ____D C:\Windows\SysWOW64\pl
2015-10-13 18:16 - 2010-07-15 21:14 - 00000000 ____D C:\Windows\SysWOW64\no
2015-10-13 18:16 - 2010-07-15 21:14 - 00000000 ____D C:\Windows\SysWOW64\nl
2015-10-13 18:16 - 2010-07-15 21:14 - 00000000 ____D C:\Windows\SysWOW64\ko
2015-10-13 18:16 - 2010-07-15 21:14 - 00000000 ____D C:\Windows\SysWOW64\ja
2015-10-13 18:16 - 2010-07-15 21:14 - 00000000 ____D C:\Windows\SysWOW64\it
2015-10-13 18:16 - 2010-07-15 21:14 - 00000000 ____D C:\Windows\SysWOW64\hu
2015-10-13 18:16 - 2010-07-15 21:14 - 00000000 ____D C:\Windows\SysWOW64\fi
2015-10-13 18:16 - 2010-07-15 21:14 - 00000000 ____D C:\Windows\SysWOW64\es
2015-10-13 18:16 - 2010-07-15 21:14 - 00000000 ____D C:\Windows\SysWOW64\el
2015-10-13 18:16 - 2010-07-15 21:14 - 00000000 ____D C:\Windows\SysWOW64\de
2015-10-13 18:16 - 2010-07-15 21:14 - 00000000 ____D C:\Windows\SysWOW64\da
2015-10-13 18:16 - 2010-07-15 21:14 - 00000000 ____D C:\Windows\SysWOW64\cs
2015-10-13 18:16 - 2010-07-15 21:14 - 00000000 ____D C:\Windows\SysWOW64\bg
2015-10-13 18:16 - 2010-07-15 21:13 - 00000000 ____D C:\ProgramData\CyberLink
2015-10-13 18:16 - 2010-07-15 21:08 - 00000000 ____D C:\Program Files (x86)\CyberLink
2015-10-13 18:16 - 2010-07-15 20:59 - 00000000 ____D C:\Program Files (x86)\AMD
2015-10-13 18:16 - 2010-07-15 20:57 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-10-13 18:16 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-10-13 18:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Recovery
2015-10-13 18:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2015-10-13 18:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2015-10-13 18:15 - 2010-07-15 21:35 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2015-10-13 18:15 - 2010-07-15 20:56 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2015-10-13 18:15 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\SysWOW64\winrm
2015-10-13 18:15 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\SysWOW64\WCN
2015-10-13 18:15 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2015-10-13 18:15 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2015-10-13 18:15 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\SysWOW64\WindowsPowerShell
2015-10-13 18:15 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\spp
2015-10-13 18:15 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Speech
2015-10-13 18:15 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\NetworkList
2015-10-13 18:15 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\MUI
2015-10-13 18:15 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Msdtc
2015-10-13 18:15 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2015-10-13 18:15 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\InstallShield
2015-10-13 18:15 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\IME
2015-10-13 18:15 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2015-10-13 18:15 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\com
2015-10-11 23:21 - 2015-09-02 21:46 - 00000000 ____D C:\Users\Romain\Desktop\5ème
2015-10-08 23:55 - 2010-07-15 21:36 - 00406406 _____ C:\Windows\system32\perfh00C.dat
2015-10-08 23:55 - 2010-07-15 21:36 - 00064374 _____ C:\Windows\system32\perfc00C.dat
2015-10-08 23:55 - 2009-07-14 07:13 - 00461912 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-08 23:53 - 2010-12-28 03:44 - 00003940 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{51B5DD15-7E8F-4F0C-813E-4DF0EE5CB822}
2015-10-06 21:12 - 2015-09-04 14:14 - 00000000 ____D C:\Users\Romain\Desktop\1ère STD2A
2015-10-06 13:59 - 2015-09-04 14:15 - 00000000 ____D C:\Users\Romain\Desktop\2nde
2015-10-04 12:08 - 2015-04-06 23:35 - 00000336 _____ C:\Windows\Tasks\HPCeeScheduleForRomain.job
2015-10-03 23:18 - 2012-03-19 00:27 - 00003202 _____ C:\Windows\System32\Tasks\HPCeeScheduleForPOLIVEAU$
2015-10-03 23:18 - 2012-03-19 00:27 - 00000344 _____ C:\Windows\Tasks\HPCeeScheduleForPOLIVEAU$.job
2015-10-03 13:26 - 2015-04-06 23:35 - 00003192 _____ C:\Windows\System32\Tasks\HPCeeScheduleForRomain
2015-10-03 13:26 - 2010-12-31 21:18 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2015-10-01 02:17 - 2015-09-02 21:46 - 00000000 ____D C:\Users\Romain\Desktop\4ème
2015-09-21 23:06 - 2013-11-08 22:42 - 00003940 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-09-21 23:06 - 2012-05-14 22:38 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-09-21 23:06 - 2011-05-16 22:50 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-14 21:04 - 2011-04-27 22:41 - 00000000 ____D C:\Users\Romain\AppData\Local\Google
2015-09-14 21:03 - 2011-04-27 22:41 - 00004066 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-14 21:03 - 2011-04-27 22:41 - 00003814 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Fichiers à la racine de certains dossiers =======

2011-12-04 19:59 - 2012-04-14 00:52 - 0000006 _____ () C:\Program Files (x86)\Common Files\WPVersion.txt
2011-06-19 00:07 - 2011-09-24 12:01 - 0001854 _____ () C:\Users\Romain\AppData\Roaming\GhostObjGAFix.xml
2012-06-25 12:20 - 2012-06-25 12:20 - 0000122 _____ () C:\Users\Romain\AppData\Roaming\Offre.ini
2014-12-07 20:51 - 2014-12-07 20:52 - 0000172 _____ () C:\Users\Romain\AppData\Roaming\wklnhst.dat
2011-09-28 16:41 - 2011-09-28 16:41 - 0000000 _____ () C:\Users\Romain\AppData\Local\{69A01D27-A507-4282-9944-4B9DEE271446}
2015-09-04 14:23 - 2015-09-04 14:23 - 0000012 _____ () C:\ProgramData\GEN3BrightnessLevel.INI
2013-02-01 03:14 - 2013-02-01 03:14 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys

Certains fichiers dans TEMP:
====================
C:\Users\Romain\AppData\Local\Temp\sqlite3.dll
C:\Users\Romain\AppData\Local\Temp\{0CAAB728-2A3B-4232-8730-3E28A4124563}.dll


==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2015-10-11 17:46

==================== Fin de FRST.txt ============================